{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","type":"deb","namespace":"debian","name":"wordpress","version":"2.1.0-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.1.1-1","latest_non_vulnerable_version":"6.9.4+dfsg1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91803?format=json","vulnerability_id":"VCID-4gpe-jspv-n7c7","summary":"Directory traversal vulnerability in wp-db-backup.php in WordPress 2.0.3 and earlier allows remote attackers to read arbitrary files, delete arbitrary files, and cause a denial of service via a .. (dot dot) in the backup parameter in a wp-db-backup.php action to wp-admin/edit.php.  NOTE: this might be the same as CVE-2006-5705.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0194","reference_id":"","reference_type":"","scores":[{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69013","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.6903","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69051","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69031","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69081","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69101","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69124","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69109","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69079","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69119","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69128","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69108","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69157","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69165","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69173","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69153","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69196","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69229","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69221","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.6927","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69282","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00586","scoring_system":"epss","scoring_elements":"0.69296","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0194"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0194","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2008-0194"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gpe-jspv-n7c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91643?format=json","vulnerability_id":"VCID-7qy9-e4j5-6fdb","summary":"wp-trackback.php in WordPress 2.0.6 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary SQL commands via the tb_id parameter.  NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in WordPress.","references":[{"reference_url":"http://osvdb.org/36860","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/36860"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0233","reference_id":"","reference_type":"","scores":[{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93574","published_at":"2026-05-16T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93458","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93466","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93473","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93474","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93481","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93485","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.9349","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.9351","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93516","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93522","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93525","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.9353","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93543","published_at":"2026-05-07T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93554","published_at":"2026-05-11T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.9356","published_at":"2026-05-12T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.93573","published_at":"2026-05-14T12:55:00Z"},{"value":"0.11179","scoring_system":"epss","scoring_elements":"0.9358","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0233"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/31385","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/31385"},{"reference_url":"https://www.exploit-db.com/exploits/3109","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/3109"},{"reference_url":"http://www.securityfocus.com/bid/21983","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/21983"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2.1:beta_2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:0.6.2.1:beta_2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2.1:beta_2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2:beta_2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:0.6.2:beta_2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.6.2:beta_2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:0.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:1.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:2.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0233","reference_id":"CVE-2007-0233","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0233"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/3109.php","reference_id":"OSVDB-36860;CVE-2007-0233","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/3109.php"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0233"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7qy9-e4j5-6fdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91652?format=json","vulnerability_id":"VCID-fc6e-njgb-pued","summary":"WordPress allows remote attackers to determine the existence of arbitrary files, and possibly read portions of certain files, via pingback service calls with a source URI that corresponds to a local pathname, which triggers different fault codes for existing and non-existing files, and in certain configurations causes a brief file excerpt to be published as a blog comment.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0541","reference_id":"","reference_type":"","scores":[{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79925","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79678","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79685","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79706","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79692","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.7972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79728","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79749","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79733","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79727","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79756","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79757","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.7976","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.7979","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79796","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79811","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79826","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.7985","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79866","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79862","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79878","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79916","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01301","scoring_system":"epss","scoring_elements":"0.79921","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0541"},{"reference_url":"http://securityreason.com/securityalert/2191","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/2191"},{"reference_url":"http://www.securityfocus.com/archive/1/457996/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/457996/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/458003/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/458003/100/0/threaded"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0541","reference_id":"CVE-2007-0541","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0541"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0541"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fc6e-njgb-pued"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91650?format=json","vulnerability_id":"VCID-kdjp-qmxc-9qat","summary":"The wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0539","reference_id":"","reference_type":"","scores":[{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80472","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80217","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80225","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80245","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80233","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80261","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80272","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.8029","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80275","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80269","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80299","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80301","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80305","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80331","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80337","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80355","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.8037","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80393","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80411","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80405","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80422","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80463","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0138","scoring_system":"epss","scoring_elements":"0.80468","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0539"},{"reference_url":"http://securityreason.com/securityalert/2191","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/2191"},{"reference_url":"http://www.securityfocus.com/archive/1/457996/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/457996/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/458003/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/458003/100/0/threaded"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0539","reference_id":"CVE-2007-0539","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0539"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0539"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kdjp-qmxc-9qat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91802?format=json","vulnerability_id":"VCID-qpzg-tnaj-3uab","summary":"Cross-site scripting (XSS) vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0193","reference_id":"","reference_type":"","scores":[{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.82974","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.82991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83026","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83033","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83049","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83038","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83076","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83079","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83102","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.8311","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83117","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83141","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83163","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83183","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83184","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83201","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83236","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83248","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01859","scoring_system":"epss","scoring_elements":"0.83249","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0193"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0193","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0193"},{"reference_url":"https://www.securityfocus.com/bid/27123/info","reference_id":"CVE-2008-0192;OSVDB-40224","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/27123/info"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/30979.txt","reference_id":"CVE-2008-0193;OSVDB-43408","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/30979.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2008-0193"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpzg-tnaj-3uab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91804?format=json","vulnerability_id":"VCID-vn8w-n4v7-kkfd","summary":"WordPress 2.0.11 and earlier allows remote attackers to obtain sensitive information via an empty value of the page parameter to certain PHP scripts under wp-admin/, which reveals the path in various error messages.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0195","reference_id":"","reference_type":"","scores":[{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.84962","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.84976","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.84993","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.84998","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.8502","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85027","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85043","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85038","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85059","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85061","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85083","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85092","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.8509","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85105","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.8513","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85151","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85147","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85161","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85195","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85204","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02394","scoring_system":"epss","scoring_elements":"0.85208","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0195"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2008-0195"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vn8w-n4v7-kkfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91651?format=json","vulnerability_id":"VCID-xj9y-sb3e-vkac","summary":"WordPress allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a file with a binary content type, which is downloaded even though it cannot contain usable pingback data.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0540","reference_id":"","reference_type":"","scores":[{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.92023","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91909","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91917","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91925","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91932","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91944","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.9195","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91953","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91952","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91948","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91968","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91965","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91962","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91967","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.9196","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91973","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91987","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91996","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.91997","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.92004","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.9202","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0776","scoring_system":"epss","scoring_elements":"0.92029","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0540"},{"reference_url":"http://secunia.com/advisories/30013","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30013"},{"reference_url":"http://securityreason.com/securityalert/2191","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/2191"},{"reference_url":"http://www.debian.org/security/2008/dsa-1564","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2008/dsa-1564"},{"reference_url":"http://www.securityfocus.com/archive/1/457996/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/457996/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/458003/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/458003/100/0/threaded"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0540","reference_id":"CVE-2007-0540","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0540"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29522.py","reference_id":"CVE-2007-0540;OSVDB-33006","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/29522.py"},{"reference_url":"https://www.securityfocus.com/bid/22220/info","reference_id":"CVE-2007-0540;OSVDB-33006","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/22220/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/942945?format=json","purl":"pkg:deb/debian/wordpress@2.1.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942927?format=json","purl":"pkg:deb/debian/wordpress@5.7.11%2Bdfsg1-0%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"},{"vulnerability":"VCID-yqam-kpce-dfg7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@5.7.11%252Bdfsg1-0%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942925?format=json","purl":"pkg:deb/debian/wordpress@6.1.9%2Bdfsg1-0%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gyaq-8pvh-p7gg"},{"vulnerability":"VCID-jghn-eujf-zbdn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.1.9%252Bdfsg1-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942929?format=json","purl":"pkg:deb/debian/wordpress@6.8.3%2Bdfsg1-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.8.3%252Bdfsg1-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/942928?format=json","purl":"pkg:deb/debian/wordpress@6.9.4%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@6.9.4%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0540"],"risk_score":9.0,"exploitability":"2.0","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xj9y-sb3e-vkac"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/wordpress@2.1.0-1%3Fdistro=trixie"}